From f2ffabad3e34b541538b97f08e8cb55cfe038b7c Mon Sep 17 00:00:00 2001 From: aitzol Date: Wed, 22 Nov 2023 11:33:36 +0100 Subject: [PATCH] 2fa-0.9 --- app.py | 31 ++++++++++++++++--------------- 1 file changed, 16 insertions(+), 15 deletions(-) diff --git a/app.py b/app.py index 68d5ac2..94e440e 100644 --- a/app.py +++ b/app.py @@ -54,8 +54,9 @@ def get_index(): @get('/user') def get_index(): + print('SESSION:',newSession().get()) try: - print(newSession().get()) + print('SESSION:',newSession().get()) return user_tpl(data=newSession().get(), str=i18n.str) except Exception as e: return index_tpl(str=i18n.str) @@ -152,8 +153,8 @@ def post_user(): if not tools.pwd_validation(form('password')): return error(i18n.msg[21]) - username = form('username') - password = form('password') + #username = form('username') + #password = form('password') try: login(form('username'), form('password')) @@ -170,12 +171,13 @@ def post_user(): try: if(check_2fa_step1(form('username'))): print('kk') + logout(form('username')) return index_tpl(two_factor_authentication=True, key=key, str=i18n.str) except Error as e: LOG.warning("Erabiltzailea ez da aurkitu???") return user_tpl(alerts=[('success', '%s %s' % (i18n.msg[1], form('username').capitalize()), 'fadeOut' )], data=newSession().get(), str=i18n.str) - +''' @post('/user') def post_user(): form = request.forms.getunicode 
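Review bot: The `print('SESSION:',newSession().get())` added above `try:` in the `/user` `get_index` handler runs outside the `except Exception` fallback, so if `newSession().get()` raises for a request without a login (inferred, since the `else:` branch of `Session.get` is not visible here), `/user` fails instead of rendering `index_tpl`. That call, the print added at the end of `post_user_step2`, the ones in `login_user_ldap` (`print('USERDN:', user_dn)`, `print(newSession().data)`) and `print(self.data)` in `Session.get` all write the full session dictionary to stdout, including the `id` set from `tools.session_id()` and the user's directory data. I would drop them before merge, or log only what is needed for tracing, for example `LOG.debug("session user=%s", newSession().data.get('username'))`.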
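Review bot: The `logout(form('username'))` added in `post_user` sits inside the `try` whose `except Error` only logs a warning, and the code that follows returns `user_tpl` with the success alert and the session data. An `Error` raised by `check_2fa_step1` or by the new `logout` call therefore appears to leave the password-authenticated session in place without the second factor. Indentation is lost in this view, so the nesting is inferred; if it is as it reads, the `except` branch should fail closed, e.g. attempt `logout(form('username'))` and then `return error(str(e))`. The `print('kk')` beside it looks like leftover debugging. The `'''` added at the end of the hunk turns the second `post_user` into a string literal, and deleting the superseded handler would be clearer than keeping it as dead text.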
@@ -196,14 +198,8 @@ def post_user(): except Error as e: LOG.warning("Unsuccessful attempt to login %s: %s" % (form('username'), e)) return error(str(e)) - ''' - if(not newSession().get()['secureAuth']): - return user_tpl(alerts=[('success', '%s %s' % (i18n.msg[1], form('username').capitalize()), 'fadeOut' )], data=newSession().get(), str=i18n.str) - elif(newSession().get()['secureAuth']): - return index_tpl(two_factor_authentication=True, str=i18n.str) - ''' return user_tpl(alerts=[('success', '%s %s' % (i18n.msg[1], form('username').capitalize()), 'fadeOut' )], data=newSession().get(), str=i18n.str) - +''' @post('/user_step2/') def post_user_step2(key): form = request.forms.getunicode @@ -220,7 +216,7 @@ def post_user_step2(key): print("sid:",newSession().get()['id']) print('pwd:',password) - logout(newSession().get()['username']) + #logout(newSession().get()['username']) def error(msg): return index_tpl(alerts=[('error', msg, 'fadeOut')], str=i18n.str) @@ -228,7 +224,7 @@ def post_user_step2(key): #if not tools._2fa_validation(form('code'), newSession().get()['authCode']): if not tools._2fa_validation(form('code'), secret): #logout(newSession().get()['username']) - logout(username) + #logout(username) return error('Kode okerra. Saio hasierak huts egin du.') else: @@ -237,6 +233,7 @@ def post_user_step2(key): except Error as e: LOG.warning("Unsuccessful attempt to login %s: %s" % (form('username'), e)) return error(str(e)) + print(newSession().get()) return user_tpl(alerts=[('success', '%s %s' % (i18n.msg[1], newSession().get()['username']), 'fadeOut' )], data=newSession().get(), str=i18n.str) 
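Review bot: With `#logout(newSession().get()['username'])` here and `#logout(username)` in the next hunk, a wrong code in `post_user_step2` now returns the error page without ending any session, so the handler depends entirely on the step-1 `logout` in `post_user` having run. If a request can reach `/user_step2/` with a session still present, for instance because that earlier logout raised, the failed check leaves it usable. A guarded teardown on the failure branch, such as `if 'username' in newSession().data: logout(username)`, would keep the step failing closed. The context also shows `print('pwd:',password)`, which writes the user's password to stdout and should be removed. The body of `post_user_step2` extends outside this hunk.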
@@ -554,9 +551,12 @@ def login_user_ldap(conf, username, password): # Note: raises LDAPUserNameIsMandatoryError when user_dn is None. with connect_ldap(conf, authentication=SIMPLE, user=user_dn, password=password) as c: c.bind() + print('USERDN:', user_dn) if is_trusted_device(conf, user_dn): newSession().set(get_user_data(user_dn, c)) - newSession().get()['id']=tools.session_id() + #newSession().get()['id'] = tools.session_id() + newSession().data['id'] = tools.session_id() + print(newSession().data) #update timestamp + ip address update_login_info(conf, user_dn) LOG.debug("%s logged in to %s" % (username, conf['base'])) @@ -1197,7 +1197,7 @@ def newSession(): def __init__(self): super(Session, self).__init__() self.data = bottle.request.environ.get('beaker.session') - self.id = None + #self.id = None #self.lang = self.get_lang() #localization self.lang = self.get_lang() @@ -1212,6 +1212,7 @@ def newSession(): return CONF['locale']['lang'] def get(self): + print(self.data) if 'username' in self.data: return(self.data) else: